WASHINGTON, Nov. 5 /PRNewswire-FirstCall/ -- Microsoft Corp.
(Nasdaq: MSFT) today announced the creation of the Anti-Virus
Reward Program, initially funded with $5 million (U.S.),
to help law enforcement agencies identify and bring to justice
those who illegally release damaging worms, viruses and other
types of malicious code on the Internet. Microsoft will provide
the monetary rewards for information resulting in the arrest
and conviction of those responsible for launching malicious
viruses and worms on the Internet. Residents of any country
are eligible for the reward, according to the laws of that country,
because Internet viruses affect the Internet community worldwide.

As part of the Reward Program, Microsoft announced the first
reward in the amount of a quarter-million dollars (U.S.)
for information leading to the arrest and conviction of
those responsible for unleashing the MSBlast.A worm. Although
two arrests were made in connection with the B and C variants
of the MSBlast worm, those responsible for releasing the original
worm this summer remain at large. The worm was designed to attack
Microsoft's http://www.windowsupdate.com
Web site, which provides fixes for vulnerabilities and helps
protect users against malicious attacks.

Microsoft offered a second quarter-million-dollar reward for
information that results in the arrest and conviction of those
responsible for unleashing the Sobig virus. This virus, the first
variant of which was detected Jan. 10, 2003, attacked individual
machines and e-mailed itself to each e-mail address in the computer's
contact list. The Sobig.B and Sobig.C variants of the virus made
messages appear as if they had come from official Microsoft e-mail
addresses. No arrests have been made in connection with the Sobig
virus.

"Malicious worms and viruses are criminal attacks on
everyone who uses the Internet," said Brad Smith, senior
vice president and general counsel at Microsoft. "Even as
we work to make software more secure and educate users on how
to protect themselves, we are also working to stamp out the criminal
behavior that causes this problem. These are not just Internet
crimes, cybercrimes or virtual crimes. These are real crimes
that hurt a lot of people. Those who release viruses on the Internet
are the saboteurs of cyberspace, and Microsoft wants to help
the authorities catch them."

Representatives of three law enforcement agencies, the Federal
Bureau of Investigation (FBI), the Secret Service and Interpol,
today joined Microsoft at the National Press Club news conference,
where the company provided details of the reward program.

"The malicious distribution of worms and viruses, such
as MSBlast and Sobig, are far from victimless crimes," said
Keith Lourdeau, Acting Deputy Assistant Director of the FBI Cyber
Division. "Such attacks on the Internet cost businesses
worldwide millions -- some estimates claim billions - of dollars
and wreak havoc on individuals by ruining files, hard drives
and other critical data. We intend to vigorously pursue the perpetrators
of these crimes, and we hope to see additional industry-government
collaboration to identify these individuals."

"Not only are we concerned with apprehending those individuals
who commit computer crimes but also in limiting the damage done
by these criminals to private industry and the public,"
said Bruce Townsend, deputy assistant director of investigations
at the Secret Service. "By working together, the public,
the private sector and law enforcement can combine their resources
to effectively combat computer-based crimes like the MSBlast.A
worm and Sobig virus."

"Interpol is particularly interested in fighting the
malicious spreading of viruses because this represents truly
borderless crime that requires a truly global response, a global
collaboration between police and private industry," said
Interpol Secretary General Ronald K. Noble, at the organization's
headquarters in Lyon. "This Microsoft reward program is
an opportunity to continue building effective relationships between
the world's police and the private sector in order to prevent
and prosecute cybercrime."

Individuals with information about the MSBlast.A worm or the
Sobig virus, or any other worms or viruses, should contact the
following international law enforcement agencies:

-- International/Interpol: via the Interpol National
Central Bureau in any of Interpol's 181 member countries or at
http://www.interpol.int/

Juvenile arrested for worm that spread
in the same way as the MSBlast worm

The suspect is thought to have created and released a worm
that exploits a security flaw in Microsoft operating systems,
according to a statement released by the Justice Department.
The worm--known as Spybot.worm.lz, Randex.E and RPCSdbot--infects
systems by taking advantage of a security flaw Microsoft revealed
in mid-July.

The Justice Department said the arrest puts Internet scofflaws
on notice.

"Computer hackers need to understand that they will be
pursued and held accountable for malicious activity, whether
they be adults or juveniles," John McKay, U.S. Attorney
for the Western District of Washington, said in the statement.

Because the suspect is a minor, the Justice Department declined
to reveal his or her name or gender. A department representative
was unavailable for immediate comment.

The arrest is the second stemming from viruses spread by online
vandals exploiting the flaw. The original MSBlast worm (also
known as Blaster and Lovsan), along with a flawed copycat known
as Welchia and Nachi that was intended to protect vulnerable
systems from the original worm, likely infected more than a million
computers. More on this story --->>

From SANS Newsbytes (http://www.sans.org):
Student Pleads Guilty to Breaking into
US National Lab Computer System
(31 October 2003) A British university student has pleaded guilty
to breaking into a number of computer systems at the Fermi National
Accelerator laboratory in Illinois. 18-year-old Joseph James
McElroy used the compromised computers to store movie and music
files. More on this story --->>

From SANS Newsbytes (http://www.sans.org):
--Trojan Defense Successful Three Times in UK Courts (28
October 2003) Three cases in UK courts have set a significant
precedent for prosecuting those accused of cyber crimes. In all
three cases, defendants' attorneys successfully argued that their
clients' computers had been hijacked by Trojan horse programs
and therefore the defendants were not responsible for the alleged
crimes. While some view the precedent as a safeguard against
convicting innocent people, others are concerned that it gives
cyber criminals a blanket defense. The Trojan defense has not
yet been used in the US court system. http://www.computerworld.com/printthis/2003/0,4814,86600,00.htmlhttp://www.theregister.co.uk/content/55/33636.html
[Editor's Note (Schultz): I fear that this will become the universally-used
defense in cybercrime cases. Juries are not likely to know enough
to see past this type of alibi.]